<?php	
	$db = new MySQL();   
	$table = "banner";
	$id = $_GET['id'];	
	$mod = $_GET['mod'];
	$curpg = $_POST["curpg"];		
	
	//edit nhieu field cung mot luc
	if ($_POST["form_"]=="editlist")
	{			
		$listid = $_POST['listid'];		
		$key_str =  substr($listid,0,strlen($listid)-1);
		$key_arr = explode(',', $key_str);
		$num_edit = count($key_arr);	
		
		for($i=1; $i<=$num_edit; $i++)
		{
			$id_edit = $key_arr[$i-1];	
			
			
			$title = (isset($_POST["title_".$i]))?$_POST["title_".$i]:"";
				$title = str_replace("'", "\\'", $title);
				$title = str_replace("\\\'", "\\'", $title);				
				
			//image	
			$query = "select * from $table where id='".$id_edit."'";
			$sql = $db->select($query);
			$tt = $db->fetch($sql);
			$image  = $tt['image'];	
			
			if ($_FILES['image_'.$i]['name'] != "")	
			{				
				$parts1=pathinfo($_FILES['image_'.$i]['name']);
				$ext1=".".strtolower($parts1["extension"]);	
				
				//$attach_file = date("sihdmy")."_".$i.$ext1;
				
				if (file_exists("../banner-img/".$_FILES["image_".$i]["name"]))
				{
					$attach_file = date("sihdmy")."_".$i.$ext1;
				}
				else 
				{											  
					$attach_file = str_replace(" ","_",$_FILES["image_".$i]["name"]);
				}
							
				
				if(move_uploaded_file($_FILES["image_".$i]["tmp_name"], "../banner-img/".$attach_file))
				{	
					$filemod = "../banner-img/".$attach_file;
					
					chmod($filemod,0777);
					
					resize_jpg($filemod,$filemod,1600,0);
					
					if($image !="" && file_exists("../banner-img/".$image))   
					{
						unlink("../banner-img/".$image); 
						
					}	
					$image = $attach_file;					
				}
						
			}
			
			//cap nhat du lieu
			$query="update $table set image = '$image' ";
			$query.=" where id='$id_edit'";
			$sql = $db->update($query);	
		}											
		$db->close();							
		echo "<script>location='?mod=".$mod."&act=list'</script>";	
	}
	
	if ($_POST["form_"]=="add")
	{	
		$numadd = $_POST["numadd"];
		//echo $numadd; die();
		$listid = "";
		for($i=1; $i<=$numadd; $i++)
		{
			//image	
			//echo $numadd; die();
			
			$title = (isset($_POST["title_".$i]))?$_POST["title_".$i]:"";
				$title = str_replace("'", "\\'", $title);
				$title = str_replace("\\\'", "\\'", $title);	
			
			if ($_FILES['image_'.$i]['name'] != "")	
			{				
				$parts1=pathinfo($_FILES['image_'.$i]['name']);
				$ext1=".".strtolower($parts1["extension"]);																			
	
				//$attach_file = date("sihdmy")."_".$i.$ext1;
				
				if (file_exists("../banner-img/".$_FILES["image_".$i]["name"]))
				{
					$attach_file = date("sihdmy")."_".$i.$ext1;
				}
				else 
				{											  
					$attach_file = str_replace(" ","_",$_FILES["image_".$i]["name"]);
				}
								
				
				if(move_uploaded_file($_FILES["image_".$i]["tmp_name"], "../banner-img/".$attach_file))
				{	
					$filemod = "../banner-img/".$attach_file;
					
					chmod($filemod,0777);
					
					resize_jpg($filemod,$filemod,1600,0);
										
					$image = $attach_file;						
						
					// du lieu			
					$query="insert into $table ( image ) ";
					$query.=" values ('$image' )";
					$id = $db->insert($query);
					
					$listid .= $id.",";			
					
				}						
			}
					
		}								
		$db->close();							
		echo "<script>location='?mod=".$mod."&act=list'</script>";			
			
	}
	
	//delete 	
	if ( $_POST['form_']=="delete")
	{
		$listid=$_POST["listid"];
		//echo $listid; die();
		$key_str =  substr($listid,0,strlen($listid)-1);
		$key = explode(',', $key_str);
		
		$strwhere="where id in ('".str_replace(",","','",$key_str)."')";
		
		$query="select * from $table $strwhere";
		$sql = $db->select($query);
		while($tt = $db->fetch($sql))
		{
			$image = $tt['image'];
			if($image !="" && file_exists("../banner-img/".$image))
			{   
				unlink("../banner-img/".$image); 
			}
		}
		
		$query="delete from $table $strwhere";
		$sql = $db->delete($query);				
	
		$db->close();
		echo "<script>location='?mod=".$mod."&act=list&curpg=".$curpg."'</script>";	
	}
			
			
		

?>
